selfpass/sp/commands/create.go

package commands

import (
	"context"
	"encoding/base64"
	"fmt"
	"os"
	"time"

	"github.com/atotto/clipboard"
	"github.com/pquerna/otp/totp"
	"github.com/spf13/cobra"
	"gopkg.in/AlecAivazis/survey.v1"

	"github.com/mitchell/selfpass/services/credentials/types"
	"github.com/mitchell/selfpass/sp/crypto"
	clitypes "github.com/mitchell/selfpass/sp/types"
)

func makeCreate(repo clitypes.ConfigRepo, initClient credentialsClientInit) *cobra.Command {
	flags := credentialFlagSet{}.withPasswordFlags()

	createCmd := &cobra.Command{
		Use:   "create",
		Short: "Create a credential in Selfpass",
		Long: `Create a credential in Selfpass, and save it to the server after encrypting the
password.`,

		Run: func(_ *cobra.Command, args []string) {
			defer flags.resetValues()

			var (
				otp     bool
				cleancb bool
				newpass bool
				ci      types.CredentialInput
				prompt  survey.Prompt
			)

			masterpass, cfg, err := repo.OpenConfig()
			check(err)

			mdqs := []*survey.Question{
				{
					Name:   "primary",
					Prompt: &survey.Input{Message: "Primary user key:"},
				},
				{
					Name:   "sourceHost",
					Prompt: &survey.Input{Message: "Source host:"},
				},
				{
					Name:   "loginURL",
					Prompt: &survey.Input{Message: "Login url:"},
				},
				{
					Name:   "tag",
					Prompt: &survey.Input{Message: "Tag:"},
				},
			}
			cqs := []*survey.Question{
				{
					Name:   "username",
					Prompt: &survey.Input{Message: "Username:"},
				},
				{
					Name:   "email",
					Prompt: &survey.Input{Message: "Email:"},
				},
			}
			check(survey.Ask(mdqs, &ci.MetadataInput))
			check(survey.Ask(cqs, &ci))

			key := cfg.GetString(clitypes.KeyPrivateKey)
			keypass := crypto.GeneratePBKDF2Key([]byte(masterpass), []byte(key))

			prompt = &survey.Confirm{Message: "Do you want a random password?", Default: true}
			check(survey.AskOne(prompt, &newpass, nil))

			if newpass {
				ci.Password = crypto.GeneratePassword(int(flags.length), !flags.noNumbers, !flags.noSpecials)

				var copypass bool
				prompt = &survey.Confirm{Message: "Copy new pass to clipboard?", Default: true}
				check(survey.AskOne(prompt, &copypass, nil))

				if copypass {
					check(clipboard.WriteAll(ci.Password))
					fmt.Println("Wrote password to clipboard.")
				}
			} else {
				prompt := &survey.Password{Message: "Password: "}
				check(survey.AskOne(prompt, &ci.Password, nil))

				var cpass string
				prompt = &survey.Password{Message: "Confirm password: "}
				check(survey.AskOne(prompt, &cpass, nil))

				if ci.Password != cpass {
					fmt.Println("passwords didn't match")
					os.Exit(1)
				}
			}

			cipherpass, err := crypto.CBCEncrypt(keypass, []byte(ci.Password))
			check(err)

			ci.Password = base64.StdEncoding.EncodeToString(cipherpass)

			prompt = &survey.Confirm{Message: "Do you have an OTP/MFA secret?", Default: true}
			check(survey.AskOne(prompt, &otp, nil))

			if otp {
				var copyOTP bool
				var secret string

				prompt = &survey.Password{Message: "OTP secret:"}
				check(survey.AskOne(prompt, &secret, nil))

				if secret != "" {
					ciphersecret, err := crypto.CBCEncrypt(keypass, []byte(secret))
					check(err)

					ci.OTPSecret = base64.StdEncoding.EncodeToString(ciphersecret)

					prompt = &survey.Confirm{Message: "Copy new OTP to clipboard?", Default: true}
					check(survey.AskOne(prompt, &copyOTP, nil))
				}

				if copyOTP {
					otp, err := totp.GenerateCode(secret, time.Now())
					check(err)

					check(clipboard.WriteAll(otp))
					fmt.Println("Wrote one time password to clipboard.")

					prompt = &survey.Confirm{Message: "Anotha one?", Default: true}
					check(survey.AskOne(prompt, &copyOTP, nil))

					if copyOTP {
						otp, err := totp.GenerateCode(secret, time.Now().Add(time.Second*30))
						check(err)

						check(clipboard.WriteAll(otp))
						fmt.Println("Wrote one time password to clipboard.")
					}
				}
			}

			ctx, cancel := context.WithTimeout(context.Background(), time.Second*60)
			defer cancel()

			client := initClient(ctx)

			ctx, cancel = context.WithTimeout(context.Background(), time.Second*25)
			defer cancel()

			c, err := client.Create(ctx, ci)
			check(err)

			fmt.Println(c)

			prompt = &survey.Confirm{Message: "Do you want to clear the clipboard?", Default: true}
			check(survey.AskOne(prompt, &cleancb, nil))

			if cleancb {
				check(clipboard.WriteAll(" "))
				fmt.Println("Clipboard cleared.")
			}
		},
	}

	flags.register(createCmd)

	return createCmd
}
Implemented all but update from cli client to server; solidified encryption; setup deployment mechanism for GCP 2019-05-28 01:16:50 +00:00			`package commands`
Implemented encryption functionality of spc and password generation; refactors on spc and server 2019-05-22 15:22:40 +00:00
			`import (`
			`"context"`
			`"encoding/base64"`
			`"fmt"`
			`"os"`
			`"time"`

			`"github.com/atotto/clipboard"`
Implemented all but update from cli client to server; solidified encryption; setup deployment mechanism for GCP 2019-05-28 01:16:50 +00:00			`"github.com/pquerna/otp/totp"`
Implemented encryption functionality of spc and password generation; refactors on spc and server 2019-05-22 15:22:40 +00:00			`"github.com/spf13/cobra"`
			`"gopkg.in/AlecAivazis/survey.v1"`

Move service related filed to services folder 2019-07-11 02:33:22 +00:00			`"github.com/mitchell/selfpass/services/credentials/types"`
Separate cli into its own module; rename it to sp 2019-07-11 06:05:59 +00:00			`"github.com/mitchell/selfpass/sp/crypto"`
			`clitypes "github.com/mitchell/selfpass/sp/types"`
Implemented encryption functionality of spc and password generation; refactors on spc and server 2019-05-22 15:22:40 +00:00			`)`

Change update/create to give 2 OTP codes; minor rename 2019-08-12 18:51:39 +00:00			`func makeCreate(repo clitypes.ConfigRepo, initClient credentialsClientInit) *cobra.Command {`
Modify cmds that list metadata to not sort; refactor to credentials flags; fix issue with init command 2019-08-01 03:17:38 +00:00			`flags := credentialFlagSet{}.withPasswordFlags()`
Implemented all but update from cli client to server; solidified encryption; setup deployment mechanism for GCP 2019-05-28 01:16:50 +00:00
Implemented encryption functionality of spc and password generation; refactors on spc and server 2019-05-22 15:22:40 +00:00			`createCmd := &cobra.Command{`
			`Use: "create",`
			`Short: "Create a credential in Selfpass",`
			Long: `Create a credential in Selfpass, and save it to the server after encrypting the
			password.`,

			`Run: func(_ *cobra.Command, args []string) {`
Refactor error handling in prompt mode; add cred flag and reset func 2019-08-31 21:19:25 +00:00			`defer flags.resetValues()`

Added update command; refactored duplicated code for selecting a credential 2019-06-16 11:02:49 +00:00			`var (`
			`otp bool`
			`cleancb bool`
			`newpass bool`
			`ci types.CredentialInput`
Change update/create to give 2 OTP codes; minor rename 2019-08-12 18:51:39 +00:00			`prompt survey.Prompt`
Added update command; refactored duplicated code for selecting a credential 2019-06-16 11:02:49 +00:00			`)`

Refactored config management strategy for spc 2019-06-02 08:47:19 +00:00			`masterpass, cfg, err := repo.OpenConfig()`
			`check(err)`

Implemented encryption functionality of spc and password generation; refactors on spc and server 2019-05-22 15:22:40 +00:00			`mdqs := []*survey.Question{`
			`{`
			`Name: "primary",`
			`Prompt: &survey.Input{Message: "Primary user key:"},`
			`},`
			`{`
			`Name: "sourceHost",`
			`Prompt: &survey.Input{Message: "Source host:"},`
			`},`
			`{`
			`Name: "loginURL",`
			`Prompt: &survey.Input{Message: "Login url:"},`
			`},`
			`{`
			`Name: "tag",`
			`Prompt: &survey.Input{Message: "Tag:"},`
			`},`
			`}`
			`cqs := []*survey.Question{`
			`{`
			`Name: "username",`
			`Prompt: &survey.Input{Message: "Username:"},`
			`},`
			`{`
			`Name: "email",`
			`Prompt: &survey.Input{Message: "Email:"},`
			`},`
			`}`
			`check(survey.Ask(mdqs, &ci.MetadataInput))`
			`check(survey.Ask(cqs, &ci))`

Change all key generation to use PBKDF2; change all internal encryption back to cbc mode; add hidden command to convert from gcm to cbc internally 2019-07-09 00:45:01 +00:00			`key := cfg.GetString(clitypes.KeyPrivateKey)`
			`keypass := crypto.GeneratePBKDF2Key([]byte(masterpass), []byte(key))`
Implemented all but update from cli client to server; solidified encryption; setup deployment mechanism for GCP 2019-05-28 01:16:50 +00:00
Revert "Update get command to allow multiple creds;" This reverts commit b9c233b6b3cf9331a01ef028ece5e813018caaa7. 2019-08-29 01:39:30 +00:00			`prompt = &survey.Confirm{Message: "Do you want a random password?", Default: true}`
Implemented encryption functionality of spc and password generation; refactors on spc and server 2019-05-22 15:22:40 +00:00			`check(survey.AskOne(prompt, &newpass, nil))`

			`if newpass {`
Modify cmds that list metadata to not sort; refactor to credentials flags; fix issue with init command 2019-08-01 03:17:38 +00:00			`ci.Password = crypto.GeneratePassword(int(flags.length), !flags.noNumbers, !flags.noSpecials)`
Implemented encryption functionality of spc and password generation; refactors on spc and server 2019-05-22 15:22:40 +00:00
			`var copypass bool`
			`prompt = &survey.Confirm{Message: "Copy new pass to clipboard?", Default: true}`
			`check(survey.AskOne(prompt, &copypass, nil))`

			`if copypass {`
			`check(clipboard.WriteAll(ci.Password))`
Add more feedback after performing actions 2019-08-31 00:16:23 +00:00			`fmt.Println("Wrote password to clipboard.")`
Implemented encryption functionality of spc and password generation; refactors on spc and server 2019-05-22 15:22:40 +00:00			`}`
			`} else {`
			`prompt := &survey.Password{Message: "Password: "}`
			`check(survey.AskOne(prompt, &ci.Password, nil))`

			`var cpass string`
Implemented all but update from cli client to server; solidified encryption; setup deployment mechanism for GCP 2019-05-28 01:16:50 +00:00			`prompt = &survey.Password{Message: "Confirm password: "}`
Implemented encryption functionality of spc and password generation; refactors on spc and server 2019-05-22 15:22:40 +00:00			`check(survey.AskOne(prompt, &cpass, nil))`

			`if ci.Password != cpass {`
Refactored Docker and Make files; increased command context timeouts; add dockerignore 2019-05-30 06:32:56 +00:00			`fmt.Println("passwords didn't match")`
Implemented encryption functionality of spc and password generation; refactors on spc and server 2019-05-22 15:22:40 +00:00			`os.Exit(1)`
			`}`
			`}`

Change all key generation to use PBKDF2; change all internal encryption back to cbc mode; add hidden command to convert from gcm to cbc internally 2019-07-09 00:45:01 +00:00			`cipherpass, err := crypto.CBCEncrypt(keypass, []byte(ci.Password))`
Implemented encryption functionality of spc and password generation; refactors on spc and server 2019-05-22 15:22:40 +00:00			`check(err)`

			`ci.Password = base64.StdEncoding.EncodeToString(cipherpass)`

Implemented all but update from cli client to server; solidified encryption; setup deployment mechanism for GCP 2019-05-28 01:16:50 +00:00			`prompt = &survey.Confirm{Message: "Do you have an OTP/MFA secret?", Default: true}`
			`check(survey.AskOne(prompt, &otp, nil))`

			`if otp {`
Fix setting empty OTP secret; minor refactors 2019-09-07 05:44:43 +00:00			`var copyOTP bool`
Implemented all but update from cli client to server; solidified encryption; setup deployment mechanism for GCP 2019-05-28 01:16:50 +00:00			`var secret string`
Fix setting empty OTP secret; minor refactors 2019-09-07 05:44:43 +00:00
Change update/create to give 2 OTP codes; minor rename 2019-08-12 18:51:39 +00:00			`prompt = &survey.Password{Message: "OTP secret:"}`
Implemented all but update from cli client to server; solidified encryption; setup deployment mechanism for GCP 2019-05-28 01:16:50 +00:00			`check(survey.AskOne(prompt, &secret, nil))`

Fix setting empty OTP secret; minor refactors 2019-09-07 05:44:43 +00:00			`if secret != "" {`
			`ciphersecret, err := crypto.CBCEncrypt(keypass, []byte(secret))`
			`check(err)`
Implemented all but update from cli client to server; solidified encryption; setup deployment mechanism for GCP 2019-05-28 01:16:50 +00:00
Fix setting empty OTP secret; minor refactors 2019-09-07 05:44:43 +00:00			`ci.OTPSecret = base64.StdEncoding.EncodeToString(ciphersecret)`
Implemented all but update from cli client to server; solidified encryption; setup deployment mechanism for GCP 2019-05-28 01:16:50 +00:00
Fix setting empty OTP secret; minor refactors 2019-09-07 05:44:43 +00:00			`prompt = &survey.Confirm{Message: "Copy new OTP to clipboard?", Default: true}`
			`check(survey.AskOne(prompt, &copyOTP, nil))`
			`}`
Implemented all but update from cli client to server; solidified encryption; setup deployment mechanism for GCP 2019-05-28 01:16:50 +00:00
Fix setting empty OTP secret; minor refactors 2019-09-07 05:44:43 +00:00			`if copyOTP {`
Implemented all but update from cli client to server; solidified encryption; setup deployment mechanism for GCP 2019-05-28 01:16:50 +00:00			`otp, err := totp.GenerateCode(secret, time.Now())`
			`check(err)`

			`check(clipboard.WriteAll(otp))`
Add more feedback after performing actions 2019-08-31 00:16:23 +00:00			`fmt.Println("Wrote one time password to clipboard.")`
Change update/create to give 2 OTP codes; minor rename 2019-08-12 18:51:39 +00:00
			`prompt = &survey.Confirm{Message: "Anotha one?", Default: true}`
Fix setting empty OTP secret; minor refactors 2019-09-07 05:44:43 +00:00			`check(survey.AskOne(prompt, &copyOTP, nil))`
Change update/create to give 2 OTP codes; minor rename 2019-08-12 18:51:39 +00:00
Fix setting empty OTP secret; minor refactors 2019-09-07 05:44:43 +00:00			`if copyOTP {`
Change update/create to give 2 OTP codes; minor rename 2019-08-12 18:51:39 +00:00			`otp, err := totp.GenerateCode(secret, time.Now().Add(time.Second*30))`
			`check(err)`

			`check(clipboard.WriteAll(otp))`
Add more feedback after performing actions 2019-08-31 00:16:23 +00:00			`fmt.Println("Wrote one time password to clipboard.")`
Change update/create to give 2 OTP codes; minor rename 2019-08-12 18:51:39 +00:00			`}`
Implemented all but update from cli client to server; solidified encryption; setup deployment mechanism for GCP 2019-05-28 01:16:50 +00:00			`}`
			`}`

Modify cmds that list metadata to not sort; refactor to credentials flags; fix issue with init command 2019-08-01 03:17:38 +00:00			`ctx, cancel := context.WithTimeout(context.Background(), time.Second*60)`
Implemented encryption functionality of spc and password generation; refactors on spc and server 2019-05-22 15:22:40 +00:00			`defer cancel()`

Modify cmds that list metadata to not sort; refactor to credentials flags; fix issue with init command 2019-08-01 03:17:38 +00:00			`client := initClient(ctx)`

			`ctx, cancel = context.WithTimeout(context.Background(), time.Second*25)`
			`defer cancel()`

			`c, err := client.Create(ctx, ci)`
Implemented encryption functionality of spc and password generation; refactors on spc and server 2019-05-22 15:22:40 +00:00			`check(err)`

Implemented all but update from cli client to server; solidified encryption; setup deployment mechanism for GCP 2019-05-28 01:16:50 +00:00			`fmt.Println(c)`
Implemented encryption functionality of spc and password generation; refactors on spc and server 2019-05-22 15:22:40 +00:00
Revert "Update get command to allow multiple creds;" This reverts commit b9c233b6b3cf9331a01ef028ece5e813018caaa7. 2019-08-29 01:39:30 +00:00			`prompt = &survey.Confirm{Message: "Do you want to clear the clipboard?", Default: true}`
Implemented all but update from cli client to server; solidified encryption; setup deployment mechanism for GCP 2019-05-28 01:16:50 +00:00			`check(survey.AskOne(prompt, &cleancb, nil))`
Implemented encryption functionality of spc and password generation; refactors on spc and server 2019-05-22 15:22:40 +00:00
Implemented all but update from cli client to server; solidified encryption; setup deployment mechanism for GCP 2019-05-28 01:16:50 +00:00			`if cleancb {`
			`check(clipboard.WriteAll(" "))`
Add more feedback after performing actions 2019-08-31 00:16:23 +00:00			`fmt.Println("Clipboard cleared.")`
Implemented all but update from cli client to server; solidified encryption; setup deployment mechanism for GCP 2019-05-28 01:16:50 +00:00			`}`
			`},`
Implemented encryption functionality of spc and password generation; refactors on spc and server 2019-05-22 15:22:40 +00:00			`}`

Modify cmds that list metadata to not sort; refactor to credentials flags; fix issue with init command 2019-08-01 03:17:38 +00:00			`flags.register(createCmd)`
Implemented all but update from cli client to server; solidified encryption; setup deployment mechanism for GCP 2019-05-28 01:16:50 +00:00
			`return createCmd`
Implemented encryption functionality of spc and password generation; refactors on spc and server 2019-05-22 15:22:40 +00:00			`}`